National Institute of Standards and Technology. (2020, December 3). FISMA Implementation Project. This resource gives an overview of the different steps involved in assessing and implementing risk management in the cybersecurity arena.
Britt, P. (2017, March 31). Cybersecurity risk management: Finding and fixing your security vulnerabilities. This resource highlights how to identify and address cyber risks and vulnerabilities to maintain the organization’s risk posture at the desired level.
Parenty, T. J., & Domet, J. J. (2019). Sizing up your cyber risks. Harvard Business Review, 97(6), 102–109. This resource highlights the best approach for identifying a company’s critical business activities and the risks to the organization.
Benz, M., & Chatterjee, D. (2020). Calculated risk? A cybersecurity evaluation tool for SMEs. Business Horizons, 63(4), 531–540. This resource describes a methodology developed using the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) as a starting point to help small and medium-sized enterprises (SMEs) evaluate their cybersecurity risk and resilience.
Scala, N. M., Reilly, A. C., Goethals, P. L., & Cukier, M. (2019). Risk and the five hard problems of cybersecurity. Risk Analysis: An International Journal, 39(10), 2119–2126. This resource addresses risk in cyber defense and identifies opportunities to incorporate risk analysis principles into the cybersecurity field.